Yamn Packet Specification

Yamn (Yet Another Mix Network) is a very close relative to Mixmaster.
The keyrings, stats and payload format are similar enough that the
Echolot Pinger can be used with only minor modification to some Regular
Expressions.

The following table presents a simple overview of the principle
differences between Yamn and Mixmaster.

Function

Mixmaster

Yamn

Public Key Encryption

RSA

NaCl Box

Symmetric Encryption

DES3

AES256 (CTR Mode)

Integrity Checking

MD5 (Partial only)

Blake2 (ed25519 with NaCl)

Pooling Algorithm

Dynamic Mix

Binomial Mix

Maximum Chain Length

20

10

Payload Format

The term payload describes the entire Yamn payload at it's highest
level. The Headers content is described in greater detail in
subsequent sections. During client-side message construction, all
headers (excluding the first one) and the Body are wrapped in multiple
layers of encryption. These layers are stripped, one-by-one at each
hop until the plain content is exposed for delivery to the actual
recipient.

Field Name

Bytes

Description

Headers

2560

10 x Headers (1 per hop)

Body

17920

User defined content

Total

20480

Header Format

Each of the 10 headers consists of 256 Bytes split into 4 fields. The
first 3 fields contain instructions on how to decrypt the content of
the 4th field, the Sealed Header.

Field Name

Bytes

Description

Recipient key ID

16

KeyID required to decrypt NaCl Sealed header

Sender Public key

32

Public key corresponding to SK used in NaCl Seal

Xsalsa20 Nonce

24

Nonce used during NaCl Seal

NaCl Sealed header

176

160 Bytes + NaCl Overhead

Random padding

8

Total

256

The client generates a NaCl key pair for each hop in the chain. The SK
is used to encrypt the Sealed Header and is then discarded. The PK is
transmitted within the header. The KeyID informs the recipient
Remailer of what SK to use for decryption.

NaCl Sealed Header Format

The Sealed Header contains sensitive content, such as how to decrypt
other payload components and further delivery instructions.

Field Name

Bytes

Description

Packet version

1

Support for multiple packet versions.

Packet Type ID

1

Intermediate Hops=0, Exit Hop=1

Delivery Protocol

1

SMTP=0 (Currently the only option)

Packet ID

16

Unique packet identifier (prevents replay)

AES-CTR Key

32

AES Key required to decrypt subsequent headers and body

Timestamp

2

Days since Epoch in Little-Endian
format. A random 0-3 days are subtracted during
stamp creation.